Astrill Setup Manual:Setup OpenVPN on pfSense
STEP 1: Download OpenVPN Configuration File
Login into your Astrill account.
Then go to "VPN Services" tab.
Go to "OpenVPN Certificates" option.
Click on "Create new certificate".
Select your desired mode UDP-Fast OR TCP-Reliable and click on download icon in front of your any desired server.
STEP 2: Setup Certificates For OpenVPN
Login into pfSense through your browser
Go to System tab and click on Cert. Manager.
Select CAs tab and click on Add button.
Open that OpenVPN .conf file in notepad which you downloaded on step 1.
Copy the highlighted CA part from the notepad.
Write a descriptive name and select Import an existing certificate authority from method option and paste the CA in Certificate Data field and click on Save button.
Now go to Certificates tab and click on Add button.
Go to notepad again and copy CERT part like highlighted in screenshot below.
Select Import an existing Certificate from method option and type same descriptive name like you did in previous step and paste the CERT in Certificate Data field.
Go to notepad and copy the KEY part as highlighted in screenshot below.
Paste the KEY in Private Key Data field and click on Save button.
STEP 3: Setup OpenVPN Client on pfSense
Now go to VPN tab and click on OpenVPN
Select Clients tab and then click on Add button.
Make these changes which are marked in screenshot below.
Copy Remote address and Port which are marked in screenshot below. Note: You can use any random port between 1024-65535.
Paste that Remote address and Port in marked fields.
Go to notepad and copy TLS-AUTH key.
Paste that key in TLS Key field and make those changes which are marked in screenshot below.
Select mentioned NCP-Algorithms and make these changes.
Select SHA1 (160-bit) for Auth Digest Algorithm and Intel RDRAND engine - RAND for Hardware Crypto.
Go to notepad and copy all the highlighted text in the screenshot below.